<?php
class User extends Model{
	//密钥
	public $salt;

	public function getuser(){
		$sql="select * from ".$this->db->prefix."users u left join ".$this->db->prefix."role r on u.u_role = r.role_id";
		return $this->db->getAll($sql);
	}
	public function deluser(){
		$table = $this->db->prefix.'users';
		$this->db->delete($table, 'u_id',$_GET['uid']);
	}
	public function getoneuser($id){
		$sql="select * from ".$this->db->prefix."users u left join ".$this->db->prefix."role r on u.u_role = r.role_id where u_id='".intval($id)."'";
		return $this->db->getRow($sql);
	}

	public function adduser(){
		$this->helper(array('system'));
		$table = $this->db->prefix.'users';
		$arr = array('u_name'=>$_POST['u_name'],
					 'u_pass'=>$this->encrypt($_POST['u_pass']),
					 'u_ip'  =>get_ip(),
					 'u_role'=>$_POST['u_role'],
					 'last_time' =>mktime(),
					 'email' =>$_POST['email'],
					 'salt'  =>$this->salt
		);
		$this->db->insert($table, $arr);
	}
	public function updateuser($id){
		$this->helper(array('system'));
		$table = $this->db->prefix.'users';
		$wherestr = "u_id='".intval($id)."'";
		if(trim($_POST['u_pass'])==''){
			$arr = array('u_name'=>$_POST['u_name'],
						 'u_role'=>$_POST['u_role'],
						 'email' =>$_POST['email']
			);
		}else{
			$arr = array('u_name'=>$_POST['u_name'],
						 'u_pass'=>$this->encrypt($_POST['u_pass']),
						 'u_ip'  =>get_ip(),
						 'u_role'=>$_POST['u_role'],
						 'email' =>$_POST['email'],
						 'salt'  =>$this->salt
			);
		}
		$this->db->update($table, $arr,$wherestr);
	}
	public function updateprofile($id) {
		$this->helper(array('system'));
		$table = $this->db->prefix.'users';
		$wherestr = "u_id='".intval($id)."'";
		if(trim($_POST['u_pass'])==''){
			$arr = array('email' =>$_POST['email']
			);
		}else{
			$arr = array('u_pass'=>$this->encrypt($_POST['u_pass']),
						 'u_ip'  =>get_ip(),
						 'email' =>$_POST['email'],
						 'salt'  =>$this->salt
			);
		}
		$this->db->update($table, $arr,$wherestr);
	}

	public function encrypt($pass){
		$this->salt = substr(uniqid(rand()), -6);
		$password = md5(md5($pass).$this->salt);
		return $password;
	}
	public function login(){
		$user_name = isset($_POST['user_name'])?$_POST['user_name']:'';
		$user_password = isset($_POST['user_password'])?$_POST['user_password']:'';
		$sql ="select * from ".$this->db->prefix."users where u_name='$user_name'";
		$result = $this->db->query($sql);
		$num = $this->db->num_rows($result);
		if($num){
			$rs = $this->db->fetch_assoc($result);
			if($rs["u_pass"] != md5(md5($user_password).$rs['salt'])){
				return false;
			}else{
				$this->helper(array('system','string','cookie'));
				$u_id=$rs['u_id'];
				$u_name=$rs['u_name'];
				$u_role=$rs['u_role'];
				$this->db->query("delete from ".$this->db->prefix."sessions where u_id='".intval($u_id)."'");
				$this->db->query("insert into ".$this->db->prefix."sessions (u_id,u_name,u_role) values ('$u_id','$u_name','$u_role')");
				$this->db->query("update ".$this->db->prefix."users set u_ip='".get_ip()."',last_time='".mktime()."' where u_id='".intval($u_id)."'");
				set_cookie("u_id", $u_id, 86400,"/");
				set_cookie("u_name", $u_name, 86400,"/");
				set_cookie("u_role", $u_role, 86400,"/");
				return true;
			}
		}
		return false;
	}
	public function logout(){
		$this->helper(array('string','cookie'));
		$u_id=intval(get_cookie('u_id'));
		set_cookie("u_id", "", -1,"/");
		set_cookie("u_name", "", -1,"/");
		set_cookie("u_role", "", -1,"/");
		if($u_id){
			$this->db->query("delete from ".$this->db->prefix."sessions where u_id='".intval($u_id)."'");
		}
		return true;
	}
	public function islogin(){
		$this->helper(array('cookie'));
		$u_id=get_cookie('u_id');
		$u_name=get_cookie('u_name');
		$u_role=get_cookie('u_role');
		$result = $this->db->query("select u_id from ".$this->db->prefix."sessions where u_id = '".intval($u_id)."' and u_name='{$u_name}' and u_role='{$u_role}'");
		$num = $this->db->num_rows($result);
		if($num){
			return false;
		}
		return true;
	}
}